[rescue] (Offtopic) X-Message-Flag fun for Outlook users

Phil Stracchino phil.stracchino at speakeasy.net
Thu Aug 3 11:21:48 CDT 2006

Peter Corlett wrote:
> On 2 Aug 2006, at 23:41, Jonathan C. Patschke wrote:
> [...]
>> We're affected by Microsoft -every single day-.  Your average mail
>> system receives approximately 15% - 30% more spam (both in terms of
>> messages and octet count) than it does actual email.  A very, very  
>> large
>> portion of that traffic is generated by zombified PCs running  
>> Microsoft
>> Windows.
> 100:115 - 100:130? I wish it were that low.
> Probably about 90% of the attempted mail deliveries to my MXer are  
> worm traffic. The aggressive heuristics mean that most don't make it  
> past MAIL FROM: and probably about 60% of what's left gets as far as  
> DATA before also being declined.

I actually abandoned babcom.com for mail delivery purposes because the
spam problem had gotten so bad.  It wasn't 15%-30% more spam than real
mail; it was orders of magnitude.  I once observed a three-day period
over which I received in excess of 10,000 spam delivery attempts per
day, and less than 100 legitimate mail messages during the entire three

Babcom.com is now MX'd directly into a Spamcop honeypot address.  For
safety, Spamcop drops mail actually addressed to a list of babcom.com
addresses that have ever actually existed before processing the
remaining spam, but even without that preprocessing, mail addressed to
babcom.com is a 99.9% pure stream of spam that's consistently averaging
3,000-4,000 messages per day.  Adrian loves it.

I take some gratification from the thought that one of my domains is
probably significantly contributing to the effectiveness of Spamcop.

I still get some mail for babcom.com that ignores the MX records and is
sent directly to the domain.  I reject it all, because it's ALL spam.
100%.  About two years ago, I had *one message* come in that was
legitimate mail accidentally sent to the wrong domain.  There has not
been a single message since then sent to a babcom.com user that actually
exists and was not sent from a known spam source.

 Phil Stracchino                     Landline: 603-886-3518
 phil.stracchino at speakeasy.net         Mobile: 603-216-7037
 Renaissance Man, Unix generalist, Perl hacker, Free Stater

More information about the rescue mailing list